🛡️ CVE Intelligence Center
Common Vulnerabilities & Exposures — Security Intelligence Database
| CVE ID | Severity | CVSS | Description | Status | Published |
|---|---|---|---|---|---|
| CVE-2026-5333 | High | 7.3 |
A security flaw has been discovered in DefaultFuction Content-Management-System 1.0. This issue affects some unknown pro…
|
— | Apr 2, 2026 |
| CVE-2026-5244 | High | 7.3 |
A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg_tls_recv_cert of the file mo…
|
— | Apr 2, 2026 |
| CVE-2026-33613 | High | 7.2 |
Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulne…
|
— | Apr 2, 2026 |
| CVE-2026-0686 | High | 7.2 |
The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5…
|
— | Apr 2, 2026 |
| CVE-2026-29782 | High | 7.2 |
OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, th…
|
⚡ Exploit ✅ Patch | Apr 2, 2026 |
| CVE-2026-34790 | High | 7.1 |
Endian Firewall version 3.3.25 and prior allow authenticated users to delete arbitrary files via directory traversal in …
|
— | Apr 2, 2026 |
| CVE-2026-5330 | Medium | 6.5 |
A vulnerability was found in SourceCodester/mayuri_k Best Courier Management System 1.0. Affected by this issue is some …
|
— | Apr 2, 2026 |
| CVE-2026-0688 | Medium | 6.4 |
The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5…
|
— | Apr 2, 2026 |
| CVE-2026-34809 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/zo…
|
— | Apr 2, 2026 |
| CVE-2026-34810 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/vp…
|
— | Apr 2, 2026 |
| CVE-2026-34808 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/ou…
|
— | Apr 2, 2026 |
| CVE-2026-34805 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/dn…
|
— | Apr 2, 2026 |
| CVE-2026-34804 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the dscp parameter to /manage/qos/r…
|
— | Apr 2, 2026 |
| CVE-2026-34803 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the name parameter to /manage/qos/c…
|
— | Apr 2, 2026 |
| CVE-2026-34802 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark user ham spam parameter …
|
— | Apr 2, 2026 |
| CVE-2026-34801 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/dhc…
|
— | Apr 2, 2026 |
| CVE-2026-34800 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the NAME parameter to /cgi-bin/upli…
|
— | Apr 2, 2026 |
| CVE-2026-34799 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/dns…
|
— | Apr 2, 2026 |
| CVE-2026-34798 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/ro…
|
— | Apr 2, 2026 |
| CVE-2026-34806 | Medium | 6.4 |
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/sn…
|
— | Apr 2, 2026 |